Hi Ben,
Ah, good catch. Maybe the doc should be updated to mention that fact.
Does anyone know if this is on the roadmap?
Thanks,
Hubert
On 9/21/17 20:12, Benjamin Kaduk wrote:
On 09/21/2017 03:30 AM, Le Van Gong, Hubert wrote:
Hi there,
I'm trying to run opensslin server modeand leverage non-default DH
params with the following command:
sudo openssl s_server -cert server_cert.pem -dhparam dhparam_2.pem
-tls1_3 -accept 443
Where the dhparam_2.pem file contains the 2 DH params I want to use.
However, I keep getting the following error message: Error with
command: "-dhparam dhparam_2.pem"
I'm using OpenSSL 1.1.1-dev and see the same behaviour on macOS or
linux.
Any idea as to what it is I am missing?
It seems that what is missing is actual support in the code,
diff --git a/apps/s_server.c b/apps/s_server.c
index c45256a..d54909a 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -795,6 +795,7 @@ const OPTIONS s_server_options[] = {
{"pass", OPT_PASS, 's', "Private key file pass phrase source"},
{"dcert", OPT_DCERT, '<',
"Second certificate file to use (usually for DSA)"},
+ {"dhparam", OPT_DHPARAM, '<', "DH parameters file to use"},
{"dcertform", OPT_DCERTFORM, 'F',
"Second certificate format (PEM or DER) PEM default"},
{"dkey", OPT_DKEY, '<',
-Ben
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
